Employee Monitoring, Insider Risk

How to Prevent Employee Fraud with Stealth Monitoring

By Veriato Team

As technology has taken over the workplace, more companies are utilizing tracking software to monitor the digital behaviors of employees.  An article by CNBC cited a 2018 Gartner survey that revealed: “that 22% of organizations worldwide in various industries are using employee-movement data, 17% are monitoring work-computer-usage data, and 16% are using Microsoft Outlook- or calendar-usage data.”

Tracking software provides the resources and tools to catch theft and dishonest behaviors, and employers can customize the software to meet the needs of a specific industry or internal team. Here’s how to prevent employee fraud using stealth monitoring.

Time Fraud: Communicating & Surfing on the Job

Misuse of company technology can become a form of time theft. The“2007 Electronic Monitoring & Surveillance Survey,” which was conducted by the American Management Association (AMA) and The ePolicy Institute, found that inappropriate use of company email was a reason that about one in four companies cited for firing an employee, and about 33 percent of employers severed ties with an employee because of improper internet use.

How can software catch fraudulent use of time? Veriato monitors:

  • Emails
  • Internet use (records and tracks all websites)
  • Chats & IMs
  • Social media use

The software also provides reports for all employees on daily productivity. Companies can review these reports to see how much company time was spent on personal or recreational activities. Reports will break actions down by social media use, internet sites, email correspondence, and text/chat duration.

Proprietary Information: Protecting Documents and Files

Proprietary information, including details from client interactions, also can be analyzed and investigated utilizing tracking software. Employers will see all the documents and files that employees have downloaded, saved, or transferred.

The software also tracks USB use, and any company information that is saved on a USB will be flagged. These actions will typically prompt an alert to managers or top-level executives that data has been breached.

Comprehensive monitoring software like Veriato also includes keystroke logging. Why is this important? Keystrokes often reveal company passwords that were used to unlock or view documents. Keep in mind, though, that sometimes employees will view certain documents for their job—so these actions alone don’t always mean fraud or theft.

Not Adding Up: Stolen Figures

Companies may have a need to monitor certain teams more closely. Perhaps financial fraud is a serious concern; maybe the company was targeted in the past.

The software should allow companies to restrict keyword searches to specific team members, like accounting or HR. Companies can flag financial transfer requests or use keystroke logs to uncover passwords that were used to access personal banking sites or other financial businesses.

Geolocation features also can reveal that an employee was visiting a bank or another financial institution after accessing company accounts. While one specific action doesn’t necessarily imply misdeeds, monitoring software allows companies to spot patterns and uncover digital tracks that reveal incriminating behaviors.

HR Hacks & Identity Theft

Human Resource files can be a prime target for identity thieves, and those thieves may be hiding in plain sight. Fraudulent access to social security numbers and other employee data may reveal that the company is a victim of internal identity theft.

Companies may notice access to multiple employee files, medical records, or other private information. However, software should provide all the information employers need to catch the crime and stop the perpetrator; Veriato tracks all downloads, application usage, file movement, network access, and file uploads.

HR team members may be watched more closely, and software allows leaders to flag results utilizing key phrases specific to the department (e.g., social security, birth dates, medical records, etc.). However, these phrases also can help track employees outside of HR who may be breaching confidential employee records.

Facing Fraud Head-On: Next Steps

When a company discovers internal fraud, what’s next? That really depends on the type of fraud. Financial fraud or any theft of proprietary or other confidential information (including employee info) may lead to a police investigation.

Time fraud, on the other hand, may result in internal policy changes, disciplinary action, or perhaps even termination. Each case is different, but regardless of the outcome, the monitoring software will always provide the evidence employers need to make their case.

In certain cases, employees may feel that software is a form of spying. Monitoring can feel like a digital big brother and may even breed distrust and fear in employees. For this reason, Veriato always recommends that employers discuss monitoring with all employees. Ideally, monitoring should be disclosed and outlined in an employee handbook.

If used correctly, monitoring software can catch misdeeds before they lead to serious liabilities for employers. As work goes digital, monitoring employees online and via technology is becoming more commonplace to ensure that workers are not putting the company at risk. No matter how a company utilizes monitoring software, though, it should always be openly discussed with employees. Transparency is the key to ensuring trust, accountability, and retaining good employees.

Insider Risk – How Prepared Are You?

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Insider Risk & Employee Monitoring Resources

Smart Year-End IT Investments- A Trifecta for ROI

Smart Year-End IT Investments- A Trifecta for ROI

Drive Productivity, Reduce Insider Risk, Enforce Compliance As the year wraps up, many IT, security, compliance, and HR teams have unspent budgets that won't roll over. Rather than scrambling for last-minute, low-value purchases, why not make smart, strategic...

Is IAM, SIEM, and DLP Enough to Combat Insider Risk?

Is IAM, SIEM, and DLP Enough to Combat Insider Risk?

Key Takeaways: Closing the Gaps in Traditional Security Tools: IAM, SIEM, and DLP are vital but insufficient in addressing insider risks. They focus on access control, event logs, and data protection without understanding the behavioral context that signals insider...